Debian Linux Security Advisory 1925-1 - It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, when the dNSNameRequired TLS option is enabled.
58b810f5fa37b676da5a978bc004bd482565cedd80006fcc98dfbf0f8581d1c7